Date: Fri, 1 Feb 2002 12:29:51 -0600 (CST) From: Rob Zietlow <zietlow@securepipe.com> To: hackers@freebsd.org Subject: Possible bug in kernel w/pppoe & ipf ? Message-ID: <Pine.LNX.4.44.0202011218040.12073-100000@buttress.wi.securepipe.com>
next in thread | raw e-mail | index | archive | help
Below you will see my original email to the freebsd-net mailing list. I received some help, but I think they are as confused as I was on this issue. I finally figured out it and what was causing the problem. Since this does deal with the kernel I and emailing the hackers list, if there is another list I should have/also have emailed it too, please tell me and I will. I have found no documentation concerning the issues that I was having on all of my websearches. Most of the mail at the bottom is config files. Here we go: I originally emailed the fbsd-net mailing list because i was having issues with my new DSL line that was pppoe. I could get my laptop to work on pppoe but not machine. Whenever I would try to ping anything, (localhost, static IP address on inside interface) I would get "no route to host" and the fact that I got this on my lo interface is what confused me even more. The other weird thing was the outside world could not see the box, the box could not see the outside world because of the routing issues, BUT the lan behind the box could see the internet, so it appeard to be bridging fine. After playing with things here and there, something struck me to use the default kernel. I booted into Kernel.GENERIC and everything worked fine! Everything could see everything, it all worked. So now I began the process of figuring out if it was a kernel issue or something more. I was able to cvsup and rebuild world and a new kernel, if I booted into a custom kernel I would get "no route to host" but in the GENERIC kernel I would be able to do everything. I modified the GENERIC kernel slowly by taking out things I did not need and then adding things in that I wanted. My machine stopped working once I added in "option IPFILTER_DEFAULT_BLOCK" with this option enabled I had no routing, but with this taken out of the kernel or IPFILTER_DEFAULT_ALLOW I was able to see the net. I compared the routing tables and they were identical. Is this a bug that I ran into? Is this been something that's been documented but for whatever reason Google didn't bring it up? Just thought I would make others aware of it as well so they don't run into the same issue that I had. Please CC me as i am not currently a memeber of the mailing list and have interest about the outcome of this issue Thanks Rob -- Rob Zietlow Network Security Engineer SecurePipe Madison, WI (608)-294-6940 Original email to Freebsd-net Mailing list I just got DSL after riding myself of my cable modem. The DSL I have is using pppoe. I was able to get this up and running on my laptop. I am now working on my gateway machine to get my LAN back up and running. I have used the how-to's listed in the freebsd diary ( http://www.freebsddiary.org/pppoe.php ) I also tried http://www.daemonnews.org/200101/pppoe.html These worked fine on my laptop and I was able to surf the web no problem. I then went to configure my gateway box. I added the appropriate options to the kernel and recompiled. I added the neccesary "ppp" lines to my rc.conf. I also created my ppp.conf. When I boot the machine I get the IP addresses but when I try to pass any traffic I get "no route to host" messages. I make sure my default gateway is setup correctly (which it appears to be as such). I delete the the default route and add it myself but this does not work either. I've tried using the routed daemon but I get the following error messages when I do that: (IP_ADD_MEMBERSHIP RIP) can't assign requested address setsockopt(IP_ADD_MEMBERSHIP RIP): Can't assign requested address After looking at my config files is there anything I am missing? Any other offers and suggestions? Thank you in advanced. Please CC: me as I am no longer on this list until I start my new job later this week. Rob UNAME -A: FreeBSD PITA.the-rob.com 4.5-RC FreeBSD 4.5-RC #2 Sat Jan 19 13:35:26 GMT 2002 zietlow@PITA.the-rob.com:/usr/src/sys/compile/FIREWALL i386 RC.CONF: # -- sysinstall generated deltas -- # # Created: Thu Jul 26 10:02:13 2001 # Enable network daemons for user convenience. # This file now contains just the overrides from /etc/defaults/rc.conf # please make all changes to this file. gateway_enable="YES" hostname="PITA.the-rob.com" network_interfaces="xl0 dc0 lo0" ifconfig_dc0="inet 192.168.1.1 netmask 255.255.255.0" ifconfig_lo0="inet 127.0.0.1" ifconfig_xl0="inet 10.0.0.1 netmask 255.255.255.0" #ifconfig_xl0="DHCP" inetd_enable="YES" kern_securelevel_enable="NO" linux_enable="YES" sshd_enable="YES" # -- sysinstall generated deltas -- # ntpdate_flags="time.nist.gov" ntpdate_enable="YES" portmap_enable="NO" update_motd="NO" font8x8="/usr/share/syscons/fonts/iso02-8x8.fnt" allscreens_flags="132x43" syslogd_flags="-ss" sshd_flags="-4" ipfilter_enable="YES" ipmon_enable="YES" ipmon_flags="-Dsvn" ipnat_enable="YES" #router_flags="-q" #router="routed" #router_enable="YES" ppp_enable="YES" ppp_mode="ddial" ppp_profile="tds" #ppp_nat="YES" PPP.CONF: # # ppp.conf: pppoe configuration # from http://www.daemonnews.org/200101/pppoe.html # default: #ppp over ethernet set device PPPoE:xl0: set speed sync set mru 1492 set mtu 1492 set ctsrts off # monitor line quality enable lqr # log just a bit set log Phase tun # insert default route upon connection add default HISADDR # download /etc/resolv.conf enable dns tds: set authname USERNAME set authkey PASSWORD IFCONFIG: dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 inet6 fe80::220:78ff:fe08:5e76%dc0 prefixlen 64 scopeid 0x1 ether 00:20:78:08:5e:76 media: Ethernet autoselect (100baseTX <full-duplex>) status: active xl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 options=3<rxcsum,txcsum> inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255 inet6 fe80::204:76ff:feb8:267c%xl0 prefixlen 64 scopeid 0x2 ether 00:04:76:b8:26:7c media: Ethernet autoselect (10baseT/UTP) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500 tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492 inet6 fe80::220:78ff:fe08:5e76%tun0 prefixlen 64 scopeid 0x5 inet 216.170.184.59 --> 216.170.184.1 netmask 0xffffff00 Opened by PID 59 NETSTAT -R: Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 216.170.184.1 UGSc 2 1 tun0 10/24 link#2 UC 0 0 xl0 localhost localhost UH 0 0 lo0 192.168.1 link#1 UC 0 0 dc0 216.170.184.1 216.170.184.59 UH 3 0 tun0 IPX: Destination Gateway Flags Netif Expire Internet6: Destination Gateway Flags Netif Expire localhost localhost UH lo0 fe80::%dc0 link#1 UC dc0 fe80::220:78ff:fe0 0:20:78:8:5e:76 UHL lo0 fe80::%xl0 link#2 UC xl0 fe80::204:76ff:feb 0:4:76:b8:26:7c UHL lo0 fe80::%lo0 fe80::1%lo0 Uc lo0 fe80::1%lo0 link#3 UHL lo0 fe80::%tun0 fe80::220:78ff:fe0 Uc tun0 fe80::220:78ff:fe0 link#5 UHL lo0 ff01:: localhost U lo0 ff02::%dc0 link#1 UC dc0 ff02::%xl0 link#2 UC xl0 ff02::%lo0 localhost UC lo0 ff02::%tun0 fe80::220:78ff:fe0 UC PING: PING 216.170.184.1 (216.170.184.1): 56 data bytes ping sendto: No route to host ping sendto: No route to host ping sendto: No route to host: --- 216.170.184.1 ping statistics --- 3 packets transmitted, 0 packets received, 100% packet loss To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0202011218040.12073-100000>